Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/NAgn565m5aap-BvH6b7uai7oQu8.roa
File: NAgn565m5aap-BvH6b7uai7oQu8.roa (raw, json)
Hash identifier: sVoFbF/ETtOTSxUYmFp7LqVomo1dzfB9MV68jg3sCdc=
Subject key identifier: 34:08:27:E7:AE:66:E5:A6:A9:F8:1B:C7:E9:BE:EE:6A:2E:E8:42:EF
Certificate issuer: /CN=d32d000368c1d54f08a7782c07673b68a93edfc5
Certificate serial: 019B7A5B6703D661F6CA3E2B4DDBA589BF50
Authority key identifier: D3:2D:00:03:68:C1:D5:4F:08:A7:78:2C:07:67:3B:68:A9:3E:DF:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0y0AA2jB1U8Ip3gsB2c7aKk-38U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/NAgn565m5aap-BvH6b7uai7oQu8.roa
Signing time: Thu 01 Jan 2026 16:19:28 +0000
ROA not before: Thu 01 Jan 2026 16:19:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29492
IP address blocks: 37.148.144.0/21 maxlen: 21
77.106.128.0/18 maxlen: 18
82.147.32.0/19 maxlen: 19
87.248.0.0/19 maxlen: 19
94.102.32.0/20 maxlen: 20
95.169.32.0/19 maxlen: 19
109.203.0.0/19 maxlen: 19
185.20.244.0/22 maxlen: 22
2a02:a18::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/0y0AA2jB1U8Ip3gsB2c7aKk-38U.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/0y0AA2jB1U8Ip3gsB2c7aKk-38U.mft
rsync://rpki.ripe.net/repository/DEFAULT/0y0AA2jB1U8Ip3gsB2c7aKk-38U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:5b:67:03:d6:61:f6:ca:3e:2b:4d:db:a5:89:bf:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d32d000368c1d54f08a7782c07673b68a93edfc5
Validity
Not Before: Jan 1 16:19:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=340827e7ae66e5a6a9f81bc7e9beee6a2ee842ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8e:79:ab:a6:4a:11:27:c4:b7:0f:59:a1:d6:
12:05:cc:54:fb:17:a2:47:ef:82:6f:0e:5d:d7:37:
6f:6f:c9:40:e2:a9:40:2b:cc:91:c6:b4:68:66:39:
ce:47:26:3f:f5:3f:07:29:79:81:8a:f4:3c:af:06:
41:64:d4:1e:ff:e4:4b:10:18:4c:2e:91:77:07:a5:
4e:18:40:fe:ad:0c:12:09:59:9c:4f:5d:a3:f8:4c:
71:9b:fc:16:8e:f6:d6:3a:33:36:cc:f4:34:d9:46:
43:a3:5e:25:db:7a:b3:b9:73:ba:db:1e:95:c1:b2:
ad:ae:00:ca:9c:dc:77:9b:95:db:0b:75:1a:e2:e9:
35:6f:d9:83:fe:a2:6b:89:b0:56:22:a7:56:24:4d:
c5:9d:03:47:a8:dc:a1:9a:e1:50:a1:86:ac:5d:26:
59:f4:1d:ac:dd:e9:a6:f3:c7:a9:78:76:a1:bb:7f:
ae:34:26:35:e4:2c:c1:44:cc:2e:9a:79:3a:06:47:
17:34:07:f5:a7:15:a6:25:86:9b:90:8d:58:33:d7:
88:c1:63:6e:a1:34:6e:ad:2f:22:e5:9e:c0:fb:5e:
c0:19:59:d0:10:ee:09:d7:74:f2:a7:be:24:6c:19:
23:b9:64:11:ab:c3:e9:8d:f2:4e:84:bf:cc:84:7a:
40:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:08:27:E7:AE:66:E5:A6:A9:F8:1B:C7:E9:BE:EE:6A:2E:E8:42:EF
X509v3 Authority Key Identifier:
keyid:D3:2D:00:03:68:C1:D5:4F:08:A7:78:2C:07:67:3B:68:A9:3E:DF:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0y0AA2jB1U8Ip3gsB2c7aKk-38U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/NAgn565m5aap-BvH6b7uai7oQu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/0y0AA2jB1U8Ip3gsB2c7aKk-38U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.144.0/21
77.106.128.0/18
82.147.32.0/19
87.248.0.0/19
94.102.32.0/20
95.169.32.0/19
109.203.0.0/19
185.20.244.0/22
IPv6:
2a02:a18::/32
Signature Algorithm: sha256WithRSAEncryption
ca:88:95:11:54:a6:c1:34:8a:09:ed:e7:02:15:98:1a:95:8c:
6e:c5:c7:59:3a:03:1f:83:b8:0e:8d:b3:46:aa:89:00:80:28:
ec:ac:d2:0d:de:32:80:60:1f:f6:31:e8:7b:c2:c1:8f:b2:15:
e3:9e:bc:21:8c:a6:79:fa:f9:71:d8:7b:27:99:04:10:38:8d:
45:97:97:7f:87:3c:a5:6f:11:30:73:7f:99:03:a9:08:7e:13:
ba:54:56:57:34:cd:a4:34:a0:6a:08:bd:1e:55:ff:1c:b4:6d:
f1:6f:e8:a4:b3:2f:a9:44:76:bc:9c:ad:5f:b4:81:e8:80:48:
a9:5c:96:6b:1d:e2:c1:1c:37:a7:fb:f9:26:de:65:6e:1a:b7:
6d:21:80:e0:f3:ba:48:73:48:14:0a:d3:ac:64:ec:da:18:2b:
0e:e2:f7:37:e2:57:91:6b:b6:cb:14:c0:b3:67:a3:f9:c8:29:
63:43:69:f1:86:38:5e:37:7f:7d:4b:14:25:88:6e:51:c2:71:
54:19:1a:82:5d:97:ab:62:79:59:85:40:57:61:96:12:bd:a7:
10:4e:26:53:7c:e8:93:66:ad:2d:94:15:5a:81:2c:02:24:5d:
ae:e6:b9:44:4b:28:f9:6f:1c:d9:88:46:fd:76:05:99:67:72:
29:66:3c:75
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZt6W2cD1mH2yj4rTdulib9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMmQwMDAzNjhjMWQ1NGYwOGE3NzgyYzA3NjczYjY4YTkz
ZWRmYzUwHhcNMjYwMTAxMTYxOTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDA4MjdlN2FlNjZlNWE2YTlmODFiYzdlOWJlZWU2YTJlZTg0MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o55q6ZKESfEtw9ZodYSBcxU+xei
R++Cbw5d1zdvb8lA4qlAK8yRxrRoZjnORyY/9T8HKXmBivQ8rwZBZNQe/+RLEBhM
LpF3B6VOGED+rQwSCVmcT12j+Exxm/wWjvbWOjM2zPQ02UZDo14l23qzuXO62x6V
wbKtrgDKnNx3m5XbC3Ua4uk1b9mD/qJribBWIqdWJE3FnQNHqNyhmuFQoYasXSZZ
9B2s3emm88epeHahu3+uNCY15CzBRMwumnk6BkcXNAf1pxWmJYabkI1YM9eIwWNu
oTRurS8i5Z7A+17AGVnQEO4J13Typ74kbBkjuWQRq8PpjfJOhL/MhHpAIQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDQIJ+euZuWmqfgbx+m+7mou6ELvMB8GA1UdIwQY
MBaAFNMtAANowdVPCKd4LAdnO2ipPt/FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHkwQUEyakIxVThJcDNnc0IyYzdhS2stMzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NjgwNjUtMjIzMy00ZGM3LWI5NWMt
YTdiYjM4YTFhNTNkLzEvTkFnbjU2NW01YWFwLUJ2SDZiN3VhaTdvUXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NjgwNjUtMjIzMy00ZGM3LWI5NWMtYTdiYjM4YTFhNTNk
LzEvMHkwQUEyakIxVThJcDNnc0IyYzdhS2stMzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJZSQAwQG
TWqAAwQFUpMgAwQFV/gAAwQEXmYgAwQFX6kgAwQFbcsAAwQCuRT0MA0EAgACMAcD
BQAqAgoYMA0GCSqGSIb3DQEBCwUAA4IBAQDKiJURVKbBNIoJ7ecCFZgalYxuxcdZ
OgMfg7gOjbNGqokAgCjsrNIN3jKAYB/2Meh7wsGPshXjnrwhjKZ5+vlx2HsnmQQQ
OI1Fl5d/hzylbxEwc3+ZA6kIfhO6VFZXNM2kNKBqCL0eVf8ctG3xb+iksy+pRHa8
nK1ftIHogEipXJZrHeLBHDen+/km3mVuGrdtIYDg87pIc0gUCtOsZOzaGCsO4vc3
4leRa7bLFMCzZ6P5yCljQ2nxhjheN399SxQliG5RwnFUGRqCXZerYnlZhUBXYZYS
vacQTiZTfOiTZq0tlBVagSwCJF2u5rlESyj5bxzZiEb9dgWZZ3IpZjx1
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:55:51 2026 by rpki-client